debian-mirror-gitlab/doc/user/infrastructure/clusters/migrate_to_gitlab_agent.md

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

112 lines
4.9 KiB
Markdown
Raw Normal View History

2022-03-02 08:16:31 +05:30
---
stage: Configure
group: Configure
info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://about.gitlab.com/handbook/engineering/ux/technical-writing/#assignments
---
2022-05-07 20:08:51 +05:30
# Migrate to the GitLab agent for Kubernetes **(FREE)**
2022-03-02 08:16:31 +05:30
2022-05-07 20:08:51 +05:30
To connect your Kubernetes cluster with GitLab, you can use:
2022-03-02 08:16:31 +05:30
2022-05-07 20:08:51 +05:30
- [A GitOps workflow](../../clusters/agent/gitops.md).
2022-07-16 23:28:13 +05:30
- [A GitLab CI/CD workflow](../../clusters/agent/ci_cd_workflow.md).
2022-05-07 20:08:51 +05:30
- [A certificate-based integration](index.md).
2022-03-02 08:16:31 +05:30
2022-05-07 20:08:51 +05:30
The certificate-based integration is
[**deprecated**](https://about.gitlab.com/blog/2021/11/15/deprecating-the-cert-based-kubernetes-integration/)
2022-07-16 23:28:13 +05:30
in GitLab 14.5. The sunsetting plans are described:
- for [GitLab.com customers](../../../update/deprecations.md#saas-certificate-based-integration-with-kubernetes).
- for [Self-managed customers](../../../update/deprecations.md#self-managed-certificate-based-integration-with-kubernetes).
2022-05-07 20:08:51 +05:30
2022-06-21 17:19:12 +05:30
If you are using the certificate-based integration, you should move to another workflow as soon as possible.
2022-03-02 08:16:31 +05:30
2022-05-07 20:08:51 +05:30
As a general rule, to migrate clusters that rely on GitLab CI/CD,
2022-07-16 23:28:13 +05:30
you can use the [CI/CD workflow](../../clusters/agent/ci_cd_workflow.md).
2022-05-07 20:08:51 +05:30
This workflow uses an agent to connect to your cluster. The agent:
- Is not exposed to the internet.
- Does not require full cluster-admin access to GitLab.
2022-03-02 08:16:31 +05:30
NOTE:
2022-05-07 20:08:51 +05:30
The certificate-based integration was used for popular GitLab features like
GitLab Managed Apps, GitLab-managed clusters, and Auto DevOps.
Some features are currently available only when using certificate-based integration.
2022-03-02 08:16:31 +05:30
## Migrate cluster application deployments
### Migrate from GitLab-managed clusters
With GitLab-managed clusters, GitLab creates separate service accounts and namespaces
2022-05-07 20:08:51 +05:30
for every branch and deploys by using these resources.
2022-03-02 08:16:31 +05:30
2022-07-16 23:28:13 +05:30
The GitLab agent uses [impersonation](../../clusters/agent/ci_cd_workflow.md#use-impersonation-to-restrict-project-and-group-access)
2022-03-02 08:16:31 +05:30
strategies to deploy to your cluster with restricted account access. To do so:
1. Choose the impersonation strategy that suits your needs.
1. Use Kubernetes RBAC rules to manage impersonated account permissions in Kubernetes.
2022-05-07 20:08:51 +05:30
1. Use the `access_as` attribute in your agent configuration file to define the impersonation.
2022-03-02 08:16:31 +05:30
### Migrate from Auto DevOps
2022-07-16 23:28:13 +05:30
In your Auto DevOps project, you can use the GitLab agent to connect with your Kubernetes cluster.
1. [Install an agent](../../clusters/agent/install/index.md) in your cluster.
1. In GitLab, go to the project where you use Auto DevOps.
1. Add three variables. On the left sidebar, select **Settings > CI/CD** and expand **Variables**.
- Add a key called `KUBE_INGRESS_BASE_DOMAIN` with the application deployment domain as the value.
- Add a key called `KUBE_CONTEXT` with a value like `path/to/agent/project:agent-name`.
Select the environment scope of your choice.
2022-07-23 23:45:48 +05:30
If you are not sure what your agent's context is, edit your `.gitlab-ci.yml` file and add a job to see the available contexts:
2022-07-16 23:28:13 +05:30
```yaml
deploy:
image:
name: bitnami/kubectl:latest
entrypoint: [""]
script:
- kubectl config get-contexts
```
- Add a key called `KUBE_NAMESPACE` with a value of the Kubernetes namespace for your deployments to target. Set the same environment scope.
2022-03-02 08:16:31 +05:30
1. Select **Add variable**.
2022-05-07 20:08:51 +05:30
1. On the left sidebar, select **Infrastructure > Kubernetes clusters**.
2022-03-02 08:16:31 +05:30
1. From the certificate-based clusters section, open the cluster that serves the same environment scope.
1. Select the **Details** tab and disable the cluster.
2022-07-16 23:28:13 +05:30
1. Edit your `.gitlab-ci.yml` file and ensure it's using the Auto DevOps template. For example:
```yaml
include:
template: Auto-DevOps.gitlab-ci.yml
variables:
KUBE_INGRESS_BASE_DOMAIN: 74.220.23.215.nip.io
KUBE_CONTEXT: "gitlab-examples/ops/gitops-demo/k8s-agents:demo-agent"
KUBE_NAMESPACE: "demo-agent"
```
1. To test your pipeline, on the left sidebar, select **CI/CD > Pipelines** and then **Run pipeline**.
2022-03-02 08:16:31 +05:30
2022-05-07 20:08:51 +05:30
For an example, [view this project](https://gitlab.com/gitlab-examples/ops/gitops-demo/hello-world-service).
2022-03-02 08:16:31 +05:30
2022-05-07 20:08:51 +05:30
### Migrate generic deployments
2022-03-02 08:16:31 +05:30
2022-07-16 23:28:13 +05:30
Follow the process for the [CI/CD workflow](../../clusters/agent/ci_cd_workflow.md).
2022-03-02 08:16:31 +05:30
2022-05-07 20:08:51 +05:30
## Migrate from GitLab Managed applications
2022-03-02 08:16:31 +05:30
2022-07-16 23:28:13 +05:30
GitLab Managed Apps (GMA) were deprecated in GitLab 14.0, and removed in GitLab 15.0.
The agent for Kubernetes does not support them. To migrate from GMA to the
agent, go through the following steps:
2022-06-21 17:19:12 +05:30
1. [Migrate from GitLab Managed Apps to a cluster management project](../../clusters/migrating_from_gma_to_project_template.md).
1. [Migrate the cluster management project to use the agent](../../clusters/management_project_template.md).
2022-03-02 08:16:31 +05:30
2022-05-07 20:08:51 +05:30
## Migrate a cluster management project
2022-03-02 08:16:31 +05:30
2022-05-07 20:08:51 +05:30
See [how to use a cluster management project with the GitLab agent](../../clusters/management_project_template.md).
2022-03-02 08:16:31 +05:30
## Migrate cluster monitoring features
2022-05-07 20:08:51 +05:30
Cluster monitoring features are not yet supported by the GitLab agent for Kubernetes.